Cybersecurity Consultant Splunk

HNM Solutions
Brussels
2 weeks ago

Role: Cybersecurity Consultant (Splunk)

Location: Brussels, Belgium (Hybrid)

Language: EN

JOB DESCRIPTION

We are looking for people with Splunk experience.

Candidates should have experience as a detection engineer or with creating detection rules, and should have worked in a SOC before.

Job title: Data Cyber Security Consultant

Role Description:

The Cyber Security Incident Response Team is a centralized security service, responsible for managing cyber security incidents within the Group.

The team is responsible for delivering all relevant services to mitigate an incident as quickly and efficiently as possible and to keep (higher) management updated on the progress.

As a SIEM analyst in CSIRT you are responsible for creating and improving monitoring use cases for the various log sources that are onboarded in the SIEM.

A strong set of data analytics skills is required for this function.

Your main objective is to come up with actionable use cases in a security monitoring context that improve the visibility of the environment.

Your role:

You work actively together with the application and engineering teams on log ingestion tasks.

You validate the content of the ingested logs at the SIEM.

You actively collaborate with our Cyber Defense Center and threat intel team to create and improve existing monitoring use cases.

You represent CSIRT in meetings with application stakeholders to make sure the right logs are selected and obtained by CSIRT.

You create dashboards and reports.

You support the blue team in their response to red team exercises.

Your Profile:

Bachelor’s degree in Computer Science/Information Security or equivalent combination of education and experience.

You have in-depth knowledge of the security aspects of Windows, Linux, internet technology and network protocols.

Similar experience within a telecommunications environment and technologies is considered of high value.

Experience with Splunk Enterprise Security is mandatory.

You have knowledge of a query language (KQL, SPL, ...).

Experience within a SOC environment is considered of high value.

Experience with public cloud (Azure, GCP, AWS, ...) is considered of high value.

You are flexible and a strong team player.

You have great communication skills.

You show integrity & trust while managing confidential information.

Mastery of English is a must for the position. Speaking French and/or Dutch is a plus but not mandatory.

Important: Applicants must have full rights as Belgian citizens or have been living for 5-10 years in Belgium as a resident to be considered for this role.

Location: Based in Belgium, able to come to the office once a week.
